coolaj86/oauth3.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

more login logic

Browse Source
This commit is contained in:
AJ ONeal 2017-03-26 01:43:06 -06:00
parent dd0b257038
commit 79ee4ba7da
4 changed files with 281 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

289
bin/oauth3.js
View File

@ -15,138 +15,195 @@ OAUTH3._hooks.session.get = require('../oauth3.node.storage.js').sessions.get;
OAUTH3._hooks.session.set = require('../oauth3.node.storage.js').sessions.set; OAUTH3._hooks.session.set = require('../oauth3.node.storage.js').sessions.set;
*/ */
var url = require('url'); // opts = { email, providerUri }
//console.log('stdin tty', process.stdin.isTTY); module.exports.login = function (options) {
//console.log('stdout tty', process.stdout.isTTY); options = options || {};
var oauth3; var url = require('url');
var opts = { //console.log('stdin tty', process.stdin.isTTY);
providerUri: undefined //console.log('stdout tty', process.stdout.isTTY);
}; var oauth3;
var opts = {
email: options.email
, providerUri: options.providerUri
};
if (opts.form) {
form = opts.form;
}
var email;
var providerUrl;
var providerUri;
var sameProvider;
var username;
function getCurrentUserEmail() { function getSession() {
return form.ask({ label: "What's your email (or cloud mail) address? ", type: 'email' }).then(function (emailResult) {
var emailParts = (emailResult.result || emailResult.input).split('@');
var domain = emailParts[1];
var username; var username;
var sameProvider;
var urlObj = url.parse(opts.providerUri || domain); // TODO lookup uuid locally before performing loginMeta
// TODO get unique client id for bootstrapping app // TODO lookup token locally before performing loginMeta / otp
oauth3 = OAUTH3.create(urlObj); return OAUTH3.authn.loginMeta(oauth3._providerDirectives, { email: email }).then(function (/*result*/) {
form.println("got to setProvider"); return { node: email, type: 'email' };
return oauth3.setProvider(domain).then(function () { }, function (/*err*/) {
form.println("got to setProvider SUCCESS"); // TODO require hashcash to create user account
sameProvider = true; function confirmCreateAccount() {
// ignore // TODO directives should specify private (invite-only) vs internal (request) vs public (allow) accounts
}, function () { return form.ask({
form.println("got to setProvider ERROR"); label: "We don't recognize that address. Do you want to create a new account? [Y/n] "
function askOauth3Url() { , type: 'text' // TODO boolean with default Y or N
return form.ask({ label: "What's your OAuth3 Provider URL? ", type: 'url' }).then(function (urlResult) { }).then(function (result) {
var urlObj = url.parse(urlResult.result || urlResult.input); if (!result.input) {
// TODO get unique client id for bootstrapping app result.input = 'Y';
oauth3 = OAUTH3.create(urlObj); }
return oauth3.setProvider(urlResult.result || urlResult.input).then(function () {
// ignore // TODO needs backup address if email is on same domain as login
}, function (err) { result.input = result.input.toLowerCase();
form.println(err.stack || err.message || err.toString());
return askOauth3Url(); if ('y' !== result.input) {
return getCurrentUserEmail();
}
if (!sameProvider) {
return { node: email, type: 'email' };
}
return form.ask({
label: "What's your recovery email (or cloud mail) address? ", type: 'email'
}).then(function (recoveryResult) {
return {
node: email
, type: 'name'
, recovery: recoveryResult.result || recoveryResult.input
};
}); });
}); });
} }
return askOauth3Url(); return confirmCreateAccount();
}).then(function () { }).then(function (user) {
// TODO lookup uuid locally before performing loginMeta // TODO skip if token exists locally
// TODO lookup token locally before performing loginMeta / otp var email = (user.recovery || user.node);
form.println("got to loginMeta"); form.println("Sending login code to '" + email + "'...");
return OAUTH3.authn.loginMeta(oauth3._providerDirectives, { email: emailResult.input }).then(function (/*result*/) { return OAUTH3.authn.otp(oauth3._providerDirectives, { email: email }).then(function (otpResult) {
return { node: emailResult.result || emailResult.input, type: 'email' }; return form.ask({
}, function (/*err*/) { label: "What's your login code? "
// TODO require hashcash to create user account , help: "(it was sent to '" + email + "' and looks like 1234-5678-9012)"
function confirmCreateAccount() { // onkeyup
// TODO directives should specify private (invite-only) vs internal (request) vs public (allow) accounts // ondebounce
// onchange
// regexp // html5 name?
, onReturnAsync: function (rs, ws, input/*, ch*/) {
var formatted = input.toLowerCase().replace(/[^\d]+/g, '');
if (12 !== formatted.length) {
return form.PromiseA.reject(new Error("invalid code please try again in the format xxxx-yyyy-zzzz"));
}
formatted = formatted.match(/.{4,4}/g).join('-');
if (14 !== formatted.split('').length) {
return form.PromiseA.reject(new Error("invalid code '" + formatted + "', please try again xxxx-yyyy-zzzz"));
}
var data = {
username: email
, username_type: 'email'
, client_id: OAUTH3.uri.normalize(oauth3._providerDirectives.issuer)
, client_uri: OAUTH3.uri.normalize(oauth3._providerDirectives.issuer)
, otp_code: formatted
, otp_uuid: otpResult.data.uuid
};
// returns session instead of input
var colors = require('colors');
form.setStatus(colors.dim("authenticating with server..."));
return OAUTH3.authn.resourceOwnerPassword(oauth3._providerDirectives, data).then(function (result) {
return result;
}, function (/*err*/) {
// TODO test error
return form.PromiseA.reject(new Error("The code '" + formatted + "' is mistyped or incorrect. Double check and try again."));
});
}
});
});
});
}
function getCurrentUserEmail() {
return form.ask({
label: "What's your email (or cloud mail) address? ", type: 'email', value: opts.email
}).then(function (emailResult) {
opts.email = undefined;
email = (emailResult.result || emailResult.input);
var emailParts = email.split('@');
var domain = emailParts[1];
username = emailParts[0];
providerUrl = 'https://' + domain;
providerUri = domain;
var urlObj = url.parse(providerUrl);
// TODO get unique client id for bootstrapping app
oauth3 = OAUTH3.create(urlObj);
return oauth3.setProvider(domain).then(function () {
sameProvider = true;
// ignore
}, function () {
function askOauth3Url() {
return form.ask({ return form.ask({
label: "We don't recognize that address. Do you want to create a new account? [Y/n] " label: "What's your OAuth3 Provider URL? ", type: 'url', value: opts.providerUri
, type: 'text' // TODO boolean with default Y or N }).then(function (urlResult) {
}).then(function (result) { opts.providerUri = undefined;
if (!result.input) { providerUrl = urlResult.result || urlResult.input;
result.input = 'Y'; providerUri = OAUTH3.uri.normalize(providerUrl);
}
// TODO needs backup address if email is on same domain as login var urlObj = url.parse(providerUrl);
result.input = result.input.toLowerCase(); // TODO get unique client id for bootstrapping app
oauth3 = OAUTH3.create(urlObj);
if ('y' !== result.input) { return oauth3.setProvider(providerUri).then(function () {
return getCurrentUserEmail(); // ignore
} }, function (err) {
form.println(err.stack || err.message || err.toString());
if (!sameProvider) { return askOauth3Url();
return { node: emailResult.result || emailResult.input, type: 'email' };
}
return form.ask({
label: "What's your recovery email (or cloud mail) address? ", type: 'email'
}).then(function (recoveryResult) {
username = emailParts[0];
return {
node: emailResult.result || emailResult.input
, type: 'name'
, recovery: recoveryResult.result || recoveryResult.input
};
}); });
}); });
} }
return confirmCreateAccount(); return askOauth3Url();
}); });
}); });
}); }
}
return getCurrentUserEmail().then(function (user) { return getCurrentUserEmail().then(function () {
// TODO skip if token exists locally return OAUTH3._hooks.meta.get(email).then(function (id) {
var email = (user.recovery || user.node); if (!id) {
form.println("Sending login code to '" + email + "'..."); return null;
return OAUTH3.authn.otp(oauth3._providerDirectives, { email: email }).then(function (otpResult) {
return form.ask({
label: "What's your login code? "
, help: "(it was sent to '" + email + "' and looks like 1234-5678-9012)"
// onkeyup
// ondebounce
// onchange
// regexp // html5 name?
, onReturnAsync: function (rs, ws, input/*, ch*/) {
var formatted = input.toLowerCase().replace(/[^\d]+/g, '');
if (12 !== formatted.length) {
return form.PromiseA.reject(new Error("invalid code please try again in the format xxxx-yyyy-zzzz"));
}
formatted = formatted.match(/.{4,4}/g).join('-');
if (14 !== formatted.split('').length) {
return form.PromiseA.reject(new Error("invalid code '" + formatted + "', please try again xxxx-yyyy-zzzz"));
}
var data = {
username: email
, username_type: 'email'
, client_id: OAUTH3.uri.normalize(oauth3._providerDirectives.issuer)
, client_uri: OAUTH3.uri.normalize(oauth3._providerDirectives.issuer)
, otp_code: formatted
, otp_uuid: otpResult.data.uuid
};
// returns session instead of input
var colors = require('colors');
form.setStatus(colors.dim("authenticating with server..."));
return OAUTH3.authn.resourceOwnerPassword(oauth3._providerDirectives, data);
} }
}).then(function (results) { return OAUTH3._hooks.sessions.get(providerUri, id).then(function (session) {
var session = results.result; if (session) {
return session;
form.println('session:'); }
form.println(session); return null;
});
}); });
}).then(function (session) {
if (session) {
return session;
}
return getSession().then(function (sessionResult) {
console.log('sessionResult');
console.log(sessionResult);
var session = sessionResult.result;
var id = require('crypto').createHash('sha256').update(session.token.sub || '').digest('hex');
return OAUTH3._hooks.sessions.set(providerUri, session, id).then(function (session) {
return OAUTH3._hooks.meta.set(email, id).then(function () {
return session;
});
});
});
}).then(function (session) {
form.println('session:');
form.println(session);
oauth3.__session = session;
return oauth3;
}); });
}); };

2
node_modules/terminal-forms.js generated vendored

@ -1 +1 @@
Subproject commit f078d479b085e8658fb2039eb3e4de49afd9db0e Subproject commit 91efb1bbf2ab8f4db86f3e93a5c82bf541f1cc67

8
oauth3.core.js
View File

@ -1118,6 +1118,7 @@
return OAUTH3.implicitGrant(me._providerDirectives, opts).then(function (session) { return OAUTH3.implicitGrant(me._providerDirectives, opts).then(function (session) {
me._session = true; me._session = true;
me.__session = session;
return session; return session;
}); });
} }
@ -1130,7 +1131,7 @@
preq.client_id = this._clientUri; preq.client_id = this._clientUri;
preq.method = preq.method || 'GET'; preq.method = preq.method || 'GET';
if (this._session) { if (this._session) {
preq.session = preq.session || OAUTH3.hooks.session._getCached(this._providerUri); preq.session = preq.session || this.session(); // OAUTH3.hooks.session._getCached(this._providerUri);
} }
// TODO maybe use a baseUrl from the directives file? // TODO maybe use a baseUrl from the directives file?
preq.url = OAUTH3.url.resolve(this._providerUri, preq.url); preq.url = OAUTH3.url.resolve(this._providerUri, preq.url);
@ -1138,6 +1139,8 @@
return OAUTH3.request(preq, opts); return OAUTH3.request(preq, opts);
} }
, logout: function (opts) { , logout: function (opts) {
this.__session = false;
this._session = false;
opts = opts || {}; opts = opts || {};
opts.client_uri = this._clientUri; opts.client_uri = this._clientUri;
opts.client_id = this._clientUri; opts.client_id = this._clientUri;
@ -1148,7 +1151,8 @@
, api: function (api, opts) { , api: function (api, opts) {
opts = opts || {}; opts = opts || {};
opts.api = api; opts.api = api;
opts.session = OAUTH3.hooks.session._getCached(this._providerUri); opts.session = this.__session || OAUTH3.hooks.session._getCached(this._providerUri);
return OAUTH3.api(this._providerUri, opts); return OAUTH3.api(this._providerUri, opts);
} }
}; };

114
oauth3.node.storage.js
View File

@ -1,46 +1,134 @@
'use strict'; 'use strict';
var fs = require('fs'); var PromiseA = require('bluebird');
var fs = PromiseA.promisifyAll(require('fs'));
var path = require('path'); var path = require('path');
//var oauth3dir = process.cwd();
var oauth3dir = path.join(require('os').homedir(), '.oauth3', 'v1');
var sessionsdir = path.join(oauth3dir, 'sessions');
var directivesdir = path.join(oauth3dir, 'directives');
var metadir = path.join(oauth3dir, 'meta');
if (!fs.existsSync(oauth3dir)) {
fs.mkdirSync(oauth3dir);
}
if (!fs.existsSync(directivesdir)) {
fs.mkdirSync(directivesdir);
}
if (!fs.existsSync(sessionsdir)) {
fs.mkdirSync(sessionsdir);
}
if (!fs.existsSync(metadir)) {
fs.mkdirSync(metadir);
}
module.exports = { module.exports = {
directives: { directives: {
get: function (providerUri) { all: function () {
return fs.readdirAsync(directivesdir).then(function (nodes) {
return nodes.map(function (node) {
try {
return require(path.join(directivesdir, node));
} catch(e) {
return null;
}
}).filter(Boolean);
});
}
, get: function (providerUri) {
// TODO make safe // TODO make safe
try { try {
return require(path.join(process.cwd(), providerUri + '.directives.json')); return require(path.join(directivesdir, providerUri + '.json'));
} catch(e) { } catch(e) {
return null; return null;
} }
} }
, set: function (providerUri, directives) { , set: function (providerUri, directives) {
fs.writeFileSync(path.join(process.cwd(), providerUri + '.directives.json'), JSON.stringify(directives, null, 2)); return fs.writeFileAsync(
return directives; path.join(directivesdir, providerUri + '.json')
, JSON.stringify(directives, null, 2)
).then(function () {
return directives;
});
}
, clear: function () {
return fs.readdirAsync(directivesdir).then(function (nodes) {
return PromiseA.all(nodes.map(function (node) {
return fs.unlinkAsync(path.join(directivesdir, node)).then(function () { }, function () { });
}));
});
} }
} }
, sessions: { , sessions: {
get: function (providerUri, id) { all: function (providerUri) {
// TODO make safe var dirname = path.join(oauth3dir, 'sessions');
return fs.readdirAsync(dirname).then(function (nodes) {
return nodes.map(function (node) {
var result = require(path.join(dirname, node));
if (result.link) {
return null;
}
}).filter(Boolean).filter(function (result) {
if (!providerUri || providerUri === result.issuer) {
return result;
}
});
});
}
, get: function (providerUri, id) {
var result;
try { try {
if (id) { if (id) {
return require(path.join(process.cwd(), providerUri + '.' + id + '.session.json')); return PromiseA.resolve(require(path.join(sessionsdir, providerUri + '.' + id + '.json')));
} }
else { else {
return require(path.join(process.cwd(), providerUri + '.session.json')); result = require(path.join(sessionsdir, providerUri + '.json'));
// TODO make safer
if (result.link && '/' !== result.link[0] && !/\.\./.test(result.link)) {
result = require(path.join(oauth3dir, 'sessions', result.link));
}
} }
} catch(e) { } catch(e) {
return null; return PromiseA.resolve(null);
} }
return PromiseA.resolve(result);
} }
, set: function (providerUri, session, id) { , set: function (providerUri, session, id) {
var p;
if (id) { if (id) {
fs.writeFileSync(path.join(process.cwd(), providerUri + '.' + id + '.session.json'), JSON.stringify(session, null, 2)); p = fs.writeFileAsync(path.join(sessionsdir, providerUri + '.' + id + '.json'), JSON.stringify(session, null, 2));
} }
else { else {
fs.writeFileSync(path.join(process.cwd(), providerUri + '.session.json'), JSON.stringify(session, null, 2)); p = fs.writeFileAsync(path.join(sessionsdir, providerUri + '.json'), JSON.stringify(session, null, 2));
} }
return session; return p.then(function () {
return session;
});
}
, clear: function () {
var dirname = path.join(oauth3dir, 'sessions');
return fs.readdirAsync(dirname).then(function (nodes) {
return PromiseA.all(nodes.map(function (node) {
return fs.unlinkAsync(path.join(dirname, node));
}));
});
}
}
, meta: {
get: function (key) {
// TODO make safe
try {
return PromiseA.resolve(require(path.join(metadir, key + '.json')));
} catch(e) {
return PromiseA.resolve(null);
}
}
, set: function (key, value) {
return fs.writeFileAsync(path.join(metadir, key + '.json'), JSON.stringify(value, null, 2)).then(function () {
return value;
});
} }
} }
}; };